Hi [[ session.user.profile.firstName ]]

Cloud Security Alliance: CloudBytes

  • Date
  • Rating
  • Views
  • 2018: The Year in Data Security Panel Discussion
    2018: The Year in Data Security Panel Discussion
    Todd Thorsen, Sr Mgr, Security; Michelle Killian, Sr Mgr, Security Risk and Compliance; and Nathan Hunstad, Dir, Security Recorded: Dec 12 2018 48 mins
    The data security world changes so quickly it can be hard to keep up with the latest threats to corporate data. With countless stories of breaches, phishing scams, insider threats, government whistleblowers and cyber warfare, 2018 was the year all eyes turned to security teams and their role within an organization. In this webinar, a panel of security experts will recap the year in data security, with critical lessons learned, tips for security teams, a few fun stories and more.

    Join us to hear from your security peers about what they learned in 2018 and what they expect from the year to come.
  • Zero Trust in Practice: Why Identity Drives Next-Gen Access
    Zero Trust in Practice: Why Identity Drives Next-Gen Access
    Nick Fisher, Solutions Marketing at Okta Recorded: Dec 6 2018 33 mins
    Zero Trust is quickly becoming the dominant security model for the cloud, shifting the perimeter from the network to the people and devices that make up a modern workforce. As a model with many moving parts, the immediate question is where to start?

    This session will focus on:
    - The full Zero Trust reference architecture and steps to get there
    - Why Identity is the foundational layer to build contextual access controls from
  • Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Env
    Taking Control of Your Complex Security Policy Across Hybrid and Multi-Cloud Env
    Yitzy Tannenbaum, Product Marketing Manager at AlgoSec Recorded: Dec 4 2018 42 mins
    As the network estate grows in size and complexity, the enterprise security team is responsible for ensuring a unified, comprehensive network security policy. But how can the team be sure about application connectivity and the correct implementation of change requests when applications span the breadth of on-premise, private and multi-cloud environments, each with its own security controls? In the face of application migration to multiple clouds, how can the enterprise be sure about its risk and compliance posture at all times?

    In this enlightening webinar, Yitzy Tannenbaum, Product Marketing Manager at AlgoSec, will explain how unified security policy automation can help you:
    •Obtain complete visibility across the entire network estate
    •Maintain uniform security policy across complex multi-cloud and hybrid environments
    •Monitor multi-cloud and hybrid network-security configuration changes to properly analyze and assess risk and to maintain compliance posture
    •Generate audit-ready reports for major regulations, including PCI, HIPAA, SOX and NERC, on demand
    •Correctly provision application connectivity flows with zero touch across the myriad security controls in hybrid environments
  • 2018 Data Exposure Report
    2018 Data Exposure Report
    Molly Quinlan, Market Research Manager, Code42 Recorded: Nov 28 2018 43 mins
    Are your C-suiters putting valuable company IP at risk through careless data practices? If they're like most business leaders, they are. Nearly three-quarters of CEOs admit they’ve taken IP, ideas, and data from a former employer, and 95 percent admit to keeping a copy of their work on a personal device.

    A new report from Code42 and Sapio Research raises startling concerns about the role of human emotions in risky data practices such as these. The Data Exposure Report includes feedback from nearly 1,700 security, IT and business leaders in the U.S. and Europe.

    Attend this webinar to learn about:
    - The ways business leaders and employees put data at risk
    - How lack of data visibility hampers the ability of IT departments to protect data
    - Strategies for keeping your valuable IP safe--whether you experience a data breach or not
  • Ready for Liftoff? Planning a Safe and Secure Cloud Migration
    Ready for Liftoff? Planning a Safe and Secure Cloud Migration
    Jason Garbis of Cyxtera Recorded: Nov 20 2018 48 mins
    Want to transition on-premises workloads to the cloud, but are concerned about consistently securing access? Join us for a webinar where we discuss how you can easily and effectively apply secure access policies throughout your cloud migration, regardless of your infrastructure complexity or architectural starting point. By utilizing a modern, cloud-ready security architecture, you can maintain – and in fact, improve – your enterprise security controls throughout the entire migration process.

    In this webinar, Jason Garbis, CISSP – Vice President of Products at Cyxtera, will discuss
    - Challenges (real and perceived) that enterprises face when moving to the cloud
    - Managing policies and permissions for cloud vs. on-premises workloads
    - The pitfalls of inconsistent security
    - How to secure any application, on any platform, anywhere.

    This webinar is for IT / Security leadership (director, VP, CISO, CIO).
  • Using Machine Learning to Detect Command Line Anomalies
    Using Machine Learning to Detect Command Line Anomalies
    Andrei Cotaie and Tiberiu Boros of Adobe Recorded: Nov 13 2018 52 mins
    As we all know, cybersecurity is often a game of cat and mouse - attackers are always trying to outsmart us defenders. At Adobe, we face the same issues and concerns as all the other major companies. We must ask ourselves simple questions with non-simple answers: How do we ensure that all assets are protected? How do we ensure that our employees are secure from the outside threats? How can we mitigate future emerging threats? Attackers will always try to find the next unconventional attack that will bypass our security systems and our security mindset. In this case, how do we protect our self from the unknown? We believe machine learning techniques can assist us in this defense. This presentation will discuss one of our current machine learning innovations that is helping us detect anomalies in command lines. Command line interfaces are frequently used by users, system administrators and applications alike. Many applications launch console scripts to perform tasks, especially in cloud services where conformity in service environments is also helpful for security. When they can, attackers do like to leverage those native system capabilities. This presentation will discuss machine learning methods developed by Adobe computer scientists to help detect anomalies in command line scripts and calls to help prevent these types of attacks.
  • Protecting What’s Left: Cloud Security in the Serverless Age
    Protecting What’s Left: Cloud Security in the Serverless Age
    Edward Smith of Cloud Passage Recorded: Nov 8 2018 40 mins
    Serverless architectures and FaaS services such as AWS Lambda make application development scalable, easy, and cheap. Plus, there’s no server to maintain or patch! But just because there’s no server doesn't mean there’s nothing to secure. Serverless services and their dependencies still need to be used and configured correctly, which is why it’s important to maintain security visibility into your serverless architecture.

    Join CloudPassage for an introduction on protecting serverless applications and underlying infrastructure and learn:

    - What a serverless application looks like from a security perspective

    - What threats, risks, and potential vulnerabilities could be leaving your organization exposed

    - Steps you can take to secure your serverless architecture
  • Data Breach Myths vs. Reality
    Data Breach Myths vs. Reality
    Sami Laine of Okta Recorded: Oct 25 2018 31 mins
    Data breaches can happen to any organization, so it's important to understand your organization's risk of a data breach. But where should you start your assessment? What practical and pragmatic steps can you take?

    In this presentation, we'll discuss the myths vs. the realities on how:

    - Breaches happen

    - The rapidly growing cloud and SaaS adoption changes the game for
    defenders

    - Identity-driven security can help reduce the probability of a breach happening to your organization
  • How to Phish Your Employees For Functional Security
    How to Phish Your Employees For Functional Security
    Josh Green of Duo Security Recorded: Oct 18 2018 45 mins
    More than 90% of reported data breaches and security incidents in 2016 involved a successful phishing attack*. Attackers rely on phishing as a primary strategy because it continues to be both effective and efficient, as users remain the most vulnerable attack vector.

    The best defense against phishing is proactively educating your users, through a shame-free campaign that prepares them for real-world phishing attempts. Along with teaching your users what to watch for, an internal phishing exercise can result in faster user reports of possible phish attempts and reinforce your security response plan.

    In this webinar, you will learn how to:

    - Quickly and easily assess your security posture
    - Help build the business case for addressing your organization’s security needs
    - Build and deploy effective phishing simulations within minutes
    - Identify vulnerable users and devices
    - Increase the speed of user reporting for possible phishing messages

    * Verizon 2017 Data Breach Investigations Report, page 30
  • Discovering a Competitive Advantage with ISO 27001 Certification
    Discovering a Competitive Advantage with ISO 27001 Certification
    Jason Eubanks, CRISC, ISO 27001 Lead Auditor, Principal Consultant, Lockpath Recorded: Oct 11 2018 41 mins
    Organizations with mature, enterprise-wide information security risk management programs enjoy a competitive advantage, thanks to ISO 27001 certification that signifies an international standard for safeguarding information. In this webinar, Lockpath's Jason Eubanks, a governance, risk management, and compliance (GRC) consultant and former ISO auditor, will share the business case for earning ISO 27001 certification and the critical role of technology in implementing a successful information security management system (ISMS).

    You'll learn:
    •Challenges and pitfalls with ISO 27001 certification
    •Tips on establishing and maturing an ISMS
    •Strategies for preparing and passing ISO audits
    •Technology's role in earning and maintaining certification

    Learn how ISO 27001 can give you a competitive advantage and strategies for earning certification. Register now to attend this educational webinar.

Embed in website or blog